diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-07-06 16:14:47 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-07-06 16:14:47 +0300 |
| commit | 7ab0cadbbdf42fdd316941b3260e294577d649f4 (patch) | |
| tree | 26ed9d750eb7706174afddb43a9e6fab210f2176 /spec/models/deploy_key_spec.rb | |
| parent | 3aad3a0b6ffb1a0fe36db41f81e8bbd3728e5f80 (diff) | |
Add latest changes from gitlab-org/gitlab@14-0-stable-ee
Diffstat (limited to 'spec/models/deploy_key_spec.rb')
| -rw-r--r-- | spec/models/deploy_key_spec.rb | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/spec/models/deploy_key_spec.rb b/spec/models/deploy_key_spec.rb index d4ccaa6a10e..fa78527e366 100644 --- a/spec/models/deploy_key_spec.rb +++ b/spec/models/deploy_key_spec.rb @@ -93,4 +93,46 @@ RSpec.describe DeployKey, :mailer do end end end + + describe 'PolicyActor methods' do + let_it_be(:user) { create(:user) } + let_it_be(:deploy_key) { create(:deploy_key, user: user) } + let_it_be(:project) { create(:project, creator: user, namespace: user.namespace) } + + let(:methods) { PolicyActor.instance_methods } + + subject { deploy_key } + + it 'responds to all PolicyActor methods' do + methods.each do |method| + expect(subject.respond_to?(method)).to be true + end + end + + describe '#can?' do + it { expect(user.can?(:read_project, project)).to be true } + + context 'when a read deploy key is enabled in the project' do + let!(:deploy_keys_project) { create(:deploy_keys_project, project: project, deploy_key: deploy_key) } + + it { expect(subject.can?(:read_project, project)).to be false } + it { expect(subject.can?(:download_code, project)).to be true } + it { expect(subject.can?(:push_code, project)).to be false } + end + + context 'when a write deploy key is enabled in the project' do + let!(:deploy_keys_project) { create(:deploy_keys_project, :write_access, project: project, deploy_key: deploy_key) } + + it { expect(subject.can?(:read_project, project)).to be false } + it { expect(subject.can?(:download_code, project)).to be true } + it { expect(subject.can?(:push_code, project)).to be true } + end + + context 'when the deploy key is not enabled in the project' do + it { expect(subject.can?(:read_project, project)).to be false } + it { expect(subject.can?(:download_code, project)).to be false } + it { expect(subject.can?(:push_code, project)).to be false } + end + end + end end |